One argument I can see for laptops is that they are an integrated unit that doesn’t depend on a host of external devices. For example, they have integrated keyboards, trackpads, and screens. It’s entirely feasible to not have a sys-USB. However, how the idiosyncracies in how components are wired together can lead to passthrough issues or worse (e.g. @alzer89 mentioned that some MacBooks have the keyboard, trackpad, bluetooth, wifi and more on the same bus).
One argument I can see for desktops is that they don’t tend to travel around and are harder to access or steal, and suspect components can be quickly swapped out. Howeber, on top of lacking portability, desktops also require a far wider trust base since components and external devices tend to be from a constellation of manufacturers.
If you were to build the ultimate secure workstation (whatever that means to you), would it be a laptop or a desktop? Why?